Provisioning Fedora CoreOS on DigitalOcean

This guide shows how to provision new Fedora CoreOS (FCOS) nodes on DigitalOcean. Fedora CoreOS images are currently not published directly on DigitalOcean, so you must download a Fedora CoreOS DigitalOcean image and upload it to your DigitalOcean account as a custom image.

Prerequisites

Before provisioning an FCOS machine, you must have an Ignition configuration file containing your customizations. If you do not have one, see Producing an Ignition File.

Fedora CoreOS has a default core user that can be used to explore the OS. If you want to use it, finalize its configuration by providing e.g. an SSH key.

If you do not want to use Ignition to get started, you can make use of the Afterburn support.

You also need to have access to a DigitalOcean account. The examples below use the doctl command-line tool and jq as a command-line JSON processor.

Creating a DigitalOcean custom image

Fedora CoreOS is designed to be updated automatically, with different schedules per stream.

  1. Once you have picked the relevant stream, find the corresponding DigitalOcean image on the download page and copy the URL of the Download link.

  2. Create the custom image:

    Example uploading FCOS to a DigitalOcean custom image
    doctl compute image create my-fcos-image --region sfo2 --image-url <download-url>
    # Wait for image creation to finish
    while ! doctl compute image list-user --output json | jq -c '.[] | select(.name=="my-fcos-image")' | grep available; do sleep 5; done

The above command uploads the image and waits until it is ready to be used. This process can take a long time, in our testing we have seen it take up to 15 minutes. Wait time is dependent on upload speeds and platform load.

Launching a droplet

  1. If you don’t already have an SSH key uploaded to DigitalOcean, upload one:

    Example uploading an SSH key to DigitalOcean
    doctl compute ssh-key create my-key --public-key "$(cat ~/.ssh/id_rsa.pub)"
  2. Launch a droplet. Your Ignition configuration can be passed to the VM as its user data, or you can skip passing user data if you just want SSH access. This provides an easy way to test out FCOS without first creating an Ignition config.

    When creating a FCOS DigitalOcean droplet, you must specify an SSH key for the droplet, even if you plan to inject SSH keys via Ignition.

    Example launching FCOS on DigitalOcean using an Ignition configuration file
    image_id=$(doctl compute image list-user | grep my-fcos-image | cut -f1 -d ' ')
    key_id=$(doctl compute ssh-key list | grep my-key | cut -f1 -d ' ')
    doctl compute droplet create my-fcos-droplet --image "${image_id}" --region sfo2 --size s-2vcpu-2gb --user-data-file <ignition-config-path> --ssh-keys "${key_id}" --wait
    While the DigitalOcean documentation mentions cloud-init and scripts, FCOS does not support cloud-init or the ability to run scripts from user-data. It accepts only Ignition configuration files.
  3. You now should be able to SSH into the instance using the associated IP address.

    Example connecting
    ssh core@<ip address>
  翻译: